This is an automated email from the ASF dual-hosted git repository. martijnvisser pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/flink.git
The following commit(s) were added to refs/heads/master by this push: new dcb77049d21 [FLINK-28147][Python] Update httplib2 to at least 0.19.0 to address CVE-2021-21240 dcb77049d21 is described below commit dcb77049d21b586d4669229a8248da72ef6fdcf7 Author: Martijn Visser <martijnvis...@apache.org> AuthorDate: Mon Jun 20 13:14:41 2022 +0200 [FLINK-28147][Python] Update httplib2 to at least 0.19.0 to address CVE-2021-21240 --- flink-python/dev/dev-requirements.txt | 2 +- flink-python/setup.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/flink-python/dev/dev-requirements.txt b/flink-python/dev/dev-requirements.txt index c74ae976056..3f247d41837 100755 --- a/flink-python/dev/dev-requirements.txt +++ b/flink-python/dev/dev-requirements.txt @@ -32,4 +32,4 @@ fastavro>=1.1.0,<1.4.8 grpcio>=1.29.0,<2 grpcio-tools>=1.3.5,<=1.14.2 pemja==0.1.5; python_version >= '3.7' and platform_system != 'Windows' -httplib2>=0.8,<0.19.0 +httplib2>=0.19.0,<=0.20.4 diff --git a/flink-python/setup.py b/flink-python/setup.py index c211b724be9..7bc3009e1e5 100644 --- a/flink-python/setup.py +++ b/flink-python/setup.py @@ -303,7 +303,7 @@ try: 'protobuf<3.18', 'pemja==0.1.5;' 'python_full_version >= "3.7" and platform_system != "Windows"', - 'httplib2>=0.8,<0.19.0', apache_flink_libraries_dependency] + 'httplib2>=0.19.0,<=0.20.4', apache_flink_libraries_dependency] if sys.version_info < (3, 7): # python 3.6 upper and lower limit